Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

640 advisories

Loading
A vulnerability was found in Control iD Gerencia Web 1.30 and classified as problematic. Affected... Low Unreviewed
CVE-2023-4392 was published Aug 17, 2023
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server... High Unreviewed
CVE-2023-3489 was published Aug 31, 2023
Possible information exposure through log file vulnerability where sensitive fields are... Moderate Unreviewed
CVE-2023-31423 was published Aug 31, 2023
Brocade SANnav before v2.3.0 and v2.2.2a stores SNMPv3 Authentication passwords in plaintext. A... Moderate Unreviewed
CVE-2023-31925 was published Aug 31, 2023
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5,... Low Unreviewed
CVE-2023-3950 was published Sep 1, 2023
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as... Critical Unreviewed
CVE-2023-31069 was published Sep 11, 2023
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x... Moderate Unreviewed
CVE-2023-4400 was published Sep 13, 2023
A cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through... Moderate Unreviewed
CVE-2023-40715 was published Sep 13, 2023
matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes Low
CVE-2023-41335 was published for matrix-synapse (pip) Sep 26, 2023
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.5.0.0 and 9.3.0.4,... Moderate Unreviewed
CVE-2023-2358 was published Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The... Low Unreviewed
CVE-2023-44153 was published Sep 27, 2023
Sensitive information disclosure due to cleartext storage of sensitive information. The following... Moderate Unreviewed
CVE-2023-44159 was published Sep 27, 2023
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security... Moderate Unreviewed
CVE-2023-4066 was published Sep 27, 2023
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation... Critical Unreviewed
CVE-2023-2809 was published Oct 4, 2023
The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB)... Moderate Unreviewed
CVE-2023-41964 was published Oct 10, 2023
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows... High Unreviewed
CVE-2023-44037 was published Oct 14, 2023
Nautobot vulnerable to exposure of hashed user passwords via REST API High
CVE-2023-46128 was published for nautobot (pip) Oct 24, 2023
Jenkins lambdatest-automation Plugin may expose Credentials access token Low
CVE-2023-46653 was published for org.jenkins-ci.plugins:lambdatest-automation (Maven) Oct 25, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ... Critical Unreviewed
CVE-2023-41095 was published Oct 26, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ... Moderate Unreviewed
CVE-2023-41096 was published Oct 26, 2023
Zentao Biz version 8.7 and before is vulnerable to Information Disclosure. High Unreviewed
CVE-2023-46376 was published Oct 27, 2023
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential... Moderate Unreviewed
CVE-2023-47312 was published Nov 22, 2023
Cleartext Storage of Sensitive Information in HMAC SHA256 Authentication Moderate
CVE-2023-48707 was published for codeigniter4/shield (Composer) Nov 23, 2023
LOYTEC electronics GmbH LINX-212 firmware 6.2.4 and LINX-151 firmware 7.2.4 are vulnerable to... High Unreviewed
CVE-2023-46386 was published Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. Cleartext... High Unreviewed
CVE-2023-46384 was published Dec 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database